ISSessions Meeting on 2020-01-24

Date: 2020-01-24
Time: 19:00 – 20:25
Location: Room J102, Sheridan Trafalgar Campus, Oakville

Agenda
19:00 – Announcements with Louai
19:05 – News Roundup with Nick and Adam
19:25 – Feature Story with Louai
19:45 – Rick’s Random Repo Rundown
19:55 – Guest Speaker Matthew Siuda on Office 365 Forensics
20:25 – Wrap and refreshments (across the street at the pub)

Just a reminder to you all that we have ISSessions this Friday! We’ll have our usual news roundup with Nick and Adam, a feature story with Louai, Rick’s random repo rundown, and a special guest speaker!

Our special guest speaker is Matthew Siuda (@suede) from Kivu Consulting. Matthew will be delivering a presentation on Office 365 Forensics. Matthew (Twitter @suedeSecurity) is a recent graduate of Sheridan and has prior experience doing threat hunting and investigations for Office 365.

As companies improve their perimeter defenses, threat actors have been focusing their efforts on the weakest link in IT security: the human. An attacker with access to a trusted corporate email account is capable of manipulating others through social engineering to achieve their goals. How do you identify that an account has been compromised? What is the course of action for resolving a business email compromise scenario?

We hope to see you all this Friday!

Happy New Year!

Happy New Year to you all! Both school and our activities will be starting up again as we host our first meeting of the year this Friday, January 10th.

Date: 2020-01-10
Time: 19:00 – 20:25
Location: Room J102, Sheridan Trafalgar Campus, Oakville

Agenda
19:00 – Announcements with Louai
19:05 – News Roundup with Nick
19:25 – Project Den: OWASP IoT Top 10 with Nicholas Johnston
19:55 – Guest Speaker Alana Staszczyszyn on “War in the Fifth Dimension: An Overview of the Weaponization of Information”
20:25 – Wrap and refreshments (across the street at the pub)

We have a #projectden segment by our very own Nicholas Johnston! Nick (@nickinfosec on Twitter) is a professor and the program coordinator of Sheridan College’s cybersecurity bachelor’s degree program. Nick will introduce us to the OWASP IoT Top 10 list, followed by a case study in developing an IoT product. This will provide us with an understanding of the root cause of common vulnerabilities.

Afterwards, we close off the night with our guest speaker, Alana Staszczyszyn, who will give an overview of the weaponization of information. Alana (@cubes_n_spheres on Twitter) is a practicing security consultant and recent Sheridan ISS graduate!

What defines a cyberwar? Does cyberwarfare actually exist, or are cyber attacks just a means of enacting warfare in the kinetic world? And, more importantly, will escalating political tensions ever result in a cyber conflict, or are we already in the middle of a global cyber cold war?

War in the Fifth Dimension explores what military doctrines, academic literature, international legal frameworks, and the media have collectively coined as the newest domain of warfare. Despite this agreeance that cyberwarfare is a plausible concept in the real world, there is little surety as to what exactly counts as an “act of war” in the cyber realm. Cyber attacks primarily target activities and “intangible” data that kinetic conflicts would separately consider to be espionage, terrorism, or psychological and economic manipulation – in other words, strictly the affairs of domestic law.

Part 2: A Gentle Introduction into Malware Analysis

Date: Sunday, December 1
Time: 6:00 pm – 9:00 pm
Location: S302

As mentioned in the previous email, we have our 2nd Malware Analysis workshop with Jason and Ken on Sunday! This workshop will offer a quick introduction to assembly and disassembly in the context of malware analysis. After a brief intro on assembly concepts, it will dive straight into hands-on examples. Participants will get to reverse engineer very simple programs (none of them malicious) and then more complicated crackmes. We’ll talk about code constructs, the stack and function calls, etc. Basic knowledge of C will be helpful.

Tools and General Requirements

A Linux machine is necessary. We will also be running exercises on the Windows machine that we provided last time.

Binaries of the exercises will be provided in a .zip and the associated source code will be uploaded to GitHub. Any other crackmes will be provided.

Please set up the virtual machine beforehand, as we will not wait for those who are not prepared. Unlike last time, the setup is simpler.

VirtualBox VM: https://drive.google.com/open?id=13vLxF8m4fFjgVEOw_u_BGza2AXPySEAc

Take-Home Resources

Reverse Engineering for Beginners: https://beginners.re/ (FREE!)
Linux Syscalls: https://syscalls.kernelgrok.com/
GEF Cheat Sheet: https://github.com/zxgio/gdb_gef-cheatsheet/blob/master/gdb_gef-cheatsheet.pdf
IDA Basics: https://resources.infosecinstitute.com/basics-of-ida-pro-2/#gref